Why logstash multiline filter is not matching the logs?

Question

I am sending logs to logstash using beaver. These logs are multiline in nature so I am using multiline filter but somehow the filter is not able to match the log. There are no errors in the output of the logstash. Here is what I see in logstash:

{"@source":"udp://10.238.161.213:36655/","@tags":[],"@fields":{},"@timestamp":"2013-09-23T16:37:56.653Z","@source_host":"10.238.161.213","@source_path":"/","@message":"{\"@source\": \"file://app1.example.org/ebs/app.log\", \"@source_host\": \"app1.example.org\", \"@message\": \"        This is line3\", \"@tags\": [], \"@fields\": {}, \"@timestamp\": \"2013-09-23T16:38:18.150822Z\", \"@source_path\": \"/ebs/app.log\", \"@type\": \"file\"}","@type":"app"}

Sample log line:

This is a log line
    This is line2
    This is line3

Logstash conf:

input {
  udp {
    type => "app"
    port => 9996
  }
}
filter {
  multiline {
    type => "app"
    pattern => "^\s"
    what => "previous"
  }
}
output {
  elasticsearch { host => "127.0.0.1" }
}

Beaver is running on remote app host and is invoked as:

/usr/bin/python /usr/bin/beaver -D -P /var/lock/beaver.pid -c /etc/beaver/conf -t udp -p /ebs/

and /etc/beaver looks like:

[beaver]
udp_host: logstash.example.org
udp_port: 9996

Any thoughts on why multiine filter is not matching the logs?